Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

setup/cri: add a section about cgroup drivers #12638

Merged
merged 2 commits into from
Feb 18, 2019
Merged

setup/cri: add a section about cgroup drivers #12638

merged 2 commits into from
Feb 18, 2019

Conversation

neolit123
Copy link
Member

A cgroup driver is an important setting for the CRI and the kubelet.
Add a section that explains why "systemd" is the suggested value
for a driver when installing a CRI.

In the case of Docker the kubelet will receive this value automatically.
For the other CRIs, the users should tackle this manually.

Also default the value to systemd on Debian installs for Docker.

this is not a new feature so i'm sending against master.

original text by @mauilion
cc @timothysc @kubernetes/sig-cluster-lifecycle-pr-reviews
/sig cluster-lifecycle

fixes kubernetes/kubeadm#1394

@k8s-ci-robot k8s-ci-robot added sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 14, 2019
@k8s-ci-robot k8s-ci-robot added the language/en Issues or PRs related to English language label Feb 14, 2019
@neolit123
Copy link
Member Author

/priority important-soon

@k8s-ci-robot k8s-ci-robot added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Feb 14, 2019
@neolit123
Copy link
Member Author

/assign @chenopis

@netlify
Copy link

netlify bot commented Feb 14, 2019
edited
Loading

Deploy preview for kubernetes-io-master-staging ready!

Built with commit 2967c4f

https://deploy-preview-12638--kubernetes-io-master-staging.netlify.com

@xichengliudui
Copy link
Contributor

/lgtm
nice!

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 14, 2019
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 14, 2019
detiber
detiber reviewed Feb 14, 2019
View reviewed changes
content/en/docs/setup/cri.md Outdated
for the rest can become unstable under resource pressure.

Changing the settings such that your container runtime and kubelet use `systemd` as the cgroup driver
stabilized the system. Pleas note the `native.cgroupdriver=systemd` option in the Docker setup below.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From what I can tell the containerd section will also need to be updated for this as well: https://github.com/containerd/cri/blob/master/docs/config.md

That said, that section also needs to be updated for containerd v1.2.x and for CVE-2019-5736 as well. If needed I can create a followup PR to address that section.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, please send a follow up.

CRI-O also has the option:
https://github.com/kubernetes-sigs/cri-o/blob/master/docs/crio.conf.5.md

the problem with containerd and CRI-O is if we set it on setup, kubeadm cannot detect it and it will fail if set to systemd, until the users also adds --cgroup-driver=systemd in KUBELET_EXTRA_FLAGS: https://kubernetes.io/docs/setup/independent/kubelet-integration/

hopefully this is known by the users at this point.

@detiber
Copy link
Member

detiber commented Feb 14, 2019

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 14, 2019
@bart0sh
Copy link
Contributor

bart0sh commented Feb 14, 2019

/lgtm

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 14, 2019
@neolit123
Copy link
Member Author

fixed typo Pleas -> Please

@neolit123
setup/cri: add a section about cgroup drivers
d192599 
A cgroup driver is an important setting for the CRI and the kubelet.
Add a section that explains why "systemd" is the suggested value
for a driver when installing a CRI.

In the case of Docker the kubelet will receive this value automatically.
For the other CRIs, the users should tackle this manually.
@bart0sh
Copy link
Contributor

bart0sh commented Feb 14, 2019

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 14, 2019
tao12345666333
tao12345666333 approved these changes Feb 14, 2019
View reviewed changes
Copy link
Member

@tao12345666333 tao12345666333 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Thanks.

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 17, 2019
@zparnold
Copy link
Member

@neolit123 did a quick revision for style/grammar. Please let me know if it's still technically correct.

@neolit123
Copy link
Member Author

@zparnold

did a quick revision for style/grammar. Please let me know if it's still technically correct.

thanks, the changes seem good.

@bart0sh
Copy link
Contributor

bart0sh commented Feb 17, 2019

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 17, 2019
@zparnold
Copy link
Member

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: zparnold

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 18, 2019
@k8s-ci-robot k8s-ci-robot merged commit 43764bd into kubernetes:master Feb 18, 2019
kwiesmueller pushed a commit to kwiesmueller/website that referenced this pull request Feb 28, 2019
@neolit123
setup/cri: add a section about cgroup drivers (kubernetes#12638)
13b22b4 
* setup/cri: add a section about cgroup drivers

A cgroup driver is an important setting for the CRI and the kubelet.
Add a section that explains why "systemd" is the suggested value
for a driver when installing a CRI.

In the case of Docker the kubelet will receive this value automatically.
For the other CRIs, the users should tackle this manually.

* Update cri.md
krmayankk pushed a commit to krmayankk/kubernetes.github.io that referenced this pull request Mar 11, 2019
@neolit123
setup/cri: add a section about cgroup drivers (kubernetes#12638)
a746858 
* setup/cri: add a section about cgroup drivers

A cgroup driver is an important setting for the CRI and the kubelet.
Add a section that explains why "systemd" is the suggested value
for a driver when installing a CRI.

In the case of Docker the kubelet will receive this value automatically.
For the other CRIs, the users should tackle this manually.

* Update cri.md
yagonobre pushed a commit to yagonobre/website that referenced this pull request Mar 14, 2019
@neolit123 @yagonobre
setup/cri: add a section about cgroup drivers (kubernetes#12638)
4bea937 
* setup/cri: add a section about cgroup drivers

A cgroup driver is an important setting for the CRI and the kubelet.
Add a section that explains why "systemd" is the suggested value
for a driver when installing a CRI.

In the case of Docker the kubelet will receive this value automatically.
For the other CRIs, the users should tackle this manually.

* Update cri.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@detiber detiber detiber left review comments

@bart0sh bart0sh bart0sh approved these changes

@tao12345666333 tao12345666333 tao12345666333 approved these changes

@vincepri vincepri Awaiting requested review from vincepri

Assignees

@detiber detiber

@bart0sh bart0sh

@chenopis chenopis

@xichengliudui xichengliudui

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/en Issues or PRs related to English language lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Change default cgroup driver to systemd and verify parity w/docker on preflight
8 participants
@neolit123 @xichengliudui @detiber @bart0sh @zparnold @k8s-ci-robot @tao12345666333 @chenopis